Win2000 PAC-Credentials Implementation

Tobias Heide tucks.removeme at gmx.de
Wed Sep 3 01:42:32 EDT 2003


Hi there!

I wanted to have Windows 2000 Clients authenticate against a MIT Kerberos
1.3.1 KDC. But during implementation I came across some questions:

1. Is there an implementation for the Windows 2000 additional authorization
information, which they keep in their tickets? There is an internet draft
(which is expired), but is there an implementation as well?

2. Does any one know, why MS messes up DNS with certain _mscd, _tcp (etc.)
Domains? What is the sense behind this?

3. Is there a backend for LDAP in MIT Kerberos? Could as well be beta,
because this is only a case study until now.

4. Did anyone get it to run? (both, LDAP and/or Win2000 Clients)

Overall goal would be, to have some kind of active directory, but based on
Open Source Software.

Thanks in advance,
tobi
-- 
System Administrator DAASI International GmbH
http://www.daasi.de


More information about the Kerberos mailing list